Physical Security Manager leading security operations across North America, Japan, and South Korea for Unity Technologies. Overseeing site security, travel security, and event security management.
MO
Information Security Engineer – Application Security Focus
Posted 2 months ago
About the role
- Senior Information Security Engineer designing secure software solutions at Mechanical Orchard, specializing in application security and cloud environments.
Responsibilities
- Build Security into Development: Work alongside engineering teams to integrate security throughout the SDLC; from design reviews and threat modeling to secure coding practices. Conduct security assessments of applications, APIs, and cloud infrastructure. Guide developers on secure authentication, authorization, cryptography, and data protection. Champion security best practices while maintaining developer velocity and trust.
- Implement Security Tooling & Automation: Deploy and manage application security tools including SAST, DAST, SCA, and container scanning. Build automation for security testing in CI/CD pipelines. Implement and improve secrets management solutions. Create dashboards and metrics to track security posture.
- Drive Security Initiatives: Lead application vulnerability management programs including triage, prioritization, and driving remediation. Support security compliance efforts (SOC 2, ISO 27001, or similar frameworks). Contribute to incident response and security event investigation. Develop security training and documentation for engineering teams.
- Collaborate Across Teams: Partner with infrastructure and DevOps teams on cloud security controls. Perform risk assessments for new features, technologies, and third-party integrations. Participate in architecture reviews and provide security guidance.
Requirements
- Bachelor’s degree in Computer Science, Software Engineering, Information Security, or a related technical field, or equivalent practical experience.
- Strong written and verbal communication skills in English.
- 5+ years of professional experience in information security, with a significant focus on application and cloud security.
- Professional software development experience, with hands-on responsibility for designing, building, and maintaining production systems in a language like Python, Go, Java, JavaScript, or similar.
- Strong understanding of application security principles: OWASP Top 10, secure authentication/authorization, encryption, API security.
- Experience with cloud platforms (AWS, GCP, or Azure) and cloud-native security.
- Hands-on experience with CI/CD systems and DevOps practices.
- Knowledge of container security and orchestration platforms (Docker, Kubernetes).
- Experience implementing security tools like SAST/DAST scanners, dependency checkers, or secrets detection.
- Experience with security tools such as Aikido, Snyk, Semgrep, Trivy, Wiz, HashiCorp Vault, or similar.
- Collaborative mindset—you build security solutions with engineers, not against them.
Benefits
- Employee accommodations for disabilities.
- Equal employment opportunities for all applicants.
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
Lead defensive threat research on generative and agentic AI systems at RBC. Identify emerging threats and develop proof - of - concept exploits to enhance AI security.
System Security Administrator managing and securing eStruxture's IT infrastructure. Collaborating on security projects and ensuring operational excellence in data centers.
Bug Bounty Security Researcher identifying and reporting vulnerabilities in software applications and systems for Inspectiv. Contributing to improving security and participating in bug bounty programs.
Information Security Engineer safeguarding digital infrastructure at Forward Financing. Building automation workflows and enhancing security measures through proactive solutions and incident response.
Software Engineer focusing on security features for AI systems at Cohere, contributing to production security and secure coding practices.
Senior Security Engineer supporting end - to - end security architecture and compliance for healthcare AI startup. Designing Azure security solutions and partnering with engineering teams for integrated security throughout SDLC.
Security Engineer at Asymmetric Research specializing in security for L1/L2 blockchains and DeFi protocols. Design controls, conduct audits, and analyze vulnerabilities in Rust - based platforms.
Coordonnatrice en santé et sécurité au travail chez EXP, contribuant à la prévention et à la formation. Collaborant avec les équipes pour maintenir un environnement de travail sûr.
Senior Manager, IAM Control Assurance supporting identity and access management compliance within a global financial organization. Collaborating with cross - functional teams for regulatory and audit compliance.